Configure ftp access on CentOS 7 and grant user access to website.
Posted On November 9, 2016
We need to setup secure ftp access for VPS user so he can access his wordpress site via ftp as needed. Below are the steps that we took to accomplish this.
1. Install vsftpd
yum -y install vsftpd
2. Configure vsftpd configuration file.
vim /etc/vsftpd/vsftpd.conf
Change the following directives.
anonymous_enable=NO local_enable=YES write_enable=YES chroot_local_user=YES
Ones completed restart vsftpd and enable it so it starts during boot
systemctl restart vsftpd systemctl enable vsftpd
3. Configure firewall access
firewall-cmd --permanent --add-port=21/tcp firewall-cmd --reload
4. Crete user ftpuser and set password for this user.
useradd ftpuser passwd ftpuser
5. Make sure users home directory points to webroot
ftpuser:x:1002:1002::/var/www/html/mysite:/bin/bash
6. Add user to apache group
usermod -a -G apache ftpuser
7. Change permittions to apache group on your webroot
chgrp -R apache /var/www/html/webroot/
Secure web root access
This is arguably one of the best ways to balance between security and usability
useradd ftpuser groupadd ftp-access-group usermod -a -G ftp-access-group ftp-user chown root /var/www/html chgrp ftp-access-group /var/www/html chmod 775 /var/www chmod g+s /var/www